For any library that invests in IGI Global's InfoSci-Books and/or InfoSci-Journals databases, IGI Global will match the library’s investment with a fund of equal value to go toward subsidizing the OA APCs for their faculty patrons when their work is submitted/accepted under OA into an IGI Global journal.

Subscribe to the Latest Research Through IGI Global's InfoSci-OnDemand Plus

InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000+ peer-reviewed book chapters and 25,000+ scholarly journal articles that spans across 350+ topics in 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.

Purchase the Encyclopedia of Information Science and Technology, Fourth Edition

and Receive Complimentary E-Books of Previous Editions

When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.

Create a Free IGI Global Library Account to Receive a 25% Discount on All Purchases

Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 5 reports and MARC records, and a 25% discount on single all titles, as well as the award-winning InfoSci®-Databases.

Abstract

Cloud computing has recently emerged in prominence and is being rapidly adopted by organizations because of its potential and perceived benefits of flexibility and affordability. According to surveys conducted in 2008 and 2009 by International Data Corporation (IDC) of IT executives and CIOs, security was cited as the top concern for the adoption of cloud computing. Enterprises that plan to utilize cloud services for their infrastructure, platform, and/or software needs must understand the security risks and privacy issues related to cloud computing. This chapter discusses the technical, legal, and policy/organizational security risks of cloud computing, and reviews recommendations/strategies for managing and mitigating security threats in cloud computing. It also presents vendor-specific solutions and strategies that cloud service providers are implementing for mitigating security risks in cloud computing.

Definition Of Cloud Computing

Cloud computing has been defined differently by various groups (comprising of industry, academia, and government). Armbrust, et al., (2009) state that “cloud computing is a new term for a long-held dream of computing as a utility” due to its pay-as-you-go characteristic. They refer to cloud computing as “both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services.”

IDC (2008a) makes a distinction between cloud services and cloud computing by first defining cloud services with eight specific attributes (off-site/third party provider; accessed via the internet; minimal/mo IT skills required to implement; provisioning; pricing model; user interface; system interface; and shared resources/common versions) and then defining cloud computing as consisting of “a growing list of technologies and IT offerings that enable cloud services as defined by its eight characteristics.”

In this article, we use NIST’s (National Institute of Standards and Technology) definition of cloud computing. NIST defines cloud computing as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction, (Mell & Grance, 2009)